<?php
/**
 * reg.php - regiester page
 *
 * NMIT BIT Project - Infinity - A 3D Website using WebGL & HTML5 Technology
 * Infinity Grid Version 
 * Version: 1.0 Beta 2
 *
 * Infinity - Login function test
 *
 * Author: William Liu <qzliuyuzou@gmail.com> <lyzdev@gmail.com>
 *
 * Required Server Version:
 *  PHP5 or higher
 *  MySQL 5 or higher
 *
 * Required Browser Version:
 *  Google Chrome 9 or higher
 *  Mozilla Firefox 4 Beta or higher
 *  *Apple Safari
 *
 * Copyright (c) 2011, William Liu All rights reserved.
 * Infinity is an open source 3D website project
 * Under Apache License 2.0
 * http://www.lyzsoft.cn
 * http://7cloud.wordpress.com
 *
 * User level
 * 1 = normal user
 * 5 = administrator
 ******
 * User enable
 * 0 = disable
 * 1 = enable
 *
 * Project Starting date: 9/3/2011
 * Update Date 1: 6/4/2011
 * Update Date 2: 8/5/2011
 * Update Date 3: 9/5/2011
 * Update Date 4: 5/6/2011 - Beta 2
 *
**/

//Initialize session
session_start();

//file include check
define('INCLUDE_CHECK',1);
require_once('connection.php');

//Check database connection
@mysql_connect($db_host, $db_user, $db_pass)
or die("Database Connection Fail!");  
@mysql_select_db($db_name)
or die("The Database is not available!");
?>

<!DOCTYPE html>
<head>
<meta charset="utf-8">
<title>Infinity - Register</title>
<link rel="stylesheet" type="text/css" href="style.css"/>
</head>

<body>
<div id="header">
   <div id="logo"><h1>
   <a href="index.php" title="Welcome to Infinity">Infinity</a>
   </h1></div>
</div>

<?php
if(isset($_SESSION['username']))  
{
    //Get Session  
    $username = $_SESSION['username'];
	 
    //SQl query, to get user lvl  
    $userCheckQuery = @mysql_query("select user_level from users "."where username = '$username'")  
    or die("SQL query fail!");
	
    $userCheck = mysql_fetch_array($userCheckQuery);  
    //Compare user lvl information between database and Sessipon, if is different, then update Session information
    if($userCheck['user_level'] != $_SESSION['user_level'])  
    {  
        $_SESSION['user_level'] = $userCheck['user_level'];  
    }  
    //Base on Session value to output different welcome information 
    if($_SESSION['user_level'] == 5)
	{  
        echo '
		<!--rewrite style.css-->
		<style type="text/css">
		#reg table, tbody, tfoot, tr, th, td{
			padding: 2px;
			border: 0;
			outline: 0;
			text-align: left;
			border-bottom:0px; !important
			}
		</style>
			
		<form id="reg" name="reg" method="post" action="reg.php">  
		  <table width="300" border="0" align="center" cellpadding="2" cellspacing="2">  
			<tr>  
			  <td width="150"><div align="left">User Name:</div></td>  
			  <td width="150"><input type="text" name="addUsername"></td>  
			</tr>  
			<tr>  
			  <td><div align="left">Password：</div></td>  
			  <td><input type="password" name="addPassword"></td>  
			</tr>
			<tr>  
			  <td><div align="left">Level(1 or 5)：</div></td>  
			  <td><input type="text" name="addUser_level"></td>  
			</tr>
		  </table>  
		  <p align="center">  
			<input type="submit" name="Register" value="Register">  
			<input type="reset" name="Reset" value="Reset">  
		  </p>
		</form>
		';
		
		//Get user input from form(reg.php)
		$addUsername = $_POST['addUsername'];
		$addPassword = $_POST['addPassword'];
		$addUser_Level = $_POST['addUser_level'];
		
		$currentUsers = mysql_query("SELECT COUNT(ID) FROM users")
		or die("current users checking fail!");
		
		if ($addUsername != '' && $addPassword != '')
		{
			//SQL query and get session value
			$addUserQuery = @mysql_query("insert into users (username, password, user_level) VALUES ('$addUsername', '$addPassword', '$addUser_Level')")
			or die("SQL query fail!");
			//return information
			//if($regRow = mysql_fetch_array($addUserQuery))
			if($currentUsers++)
			{
				echo "<div class=\"loginmsg\">User added successfully! Happy to go :)</div>";
				echo "<script language=\"JavaScript\">window.setTimeout(\"window.location.href=\'index.php\'\", 5000); </script>";
				}  
			else
			{  
				echo "<div class=\"loginmsg\"><div class=\"loginmsg\">Oops :( looks like some bugs are biting me!</div>";
				/*echo "<script language=\"JavaScript\">window.setTimeout(\"window.location.href=\'admin.php\'\", 5000); </script>";*/
				}
			}
	}
	if($_SESSION['user_level'] == 1)
	{  
        echo "<div class=\"loginmsg\">Sorry User ".$_SESSION['username']. "! " ."You do not have permission to access this page!</div>";  
        echo "<script language=\"JavaScript\">window.setTimeout(\"window.location.href=\'index.php\'\", 3000); </script>";
	}
}
else 
{
	echo "<div class=\"loginmsg\">You do not have permission to access this page!</div>";  
    echo "<script language=\"JavaScript\">window.setTimeout(\"window.location.href=\'index.php\'\", 3000); </script>";
}
?>


<div id="footer">
    <p>Powered by William</p>
    <?php
    if($_SESSION['user_level'] == 1 || $_SESSION['user_level'] == 5)
	{
		echo "<p>
		         <span>
		             <a title=\"Oops, are you lost?\" href=\"index.php\"><- Back to Front page</a> | <a title=\"Go to Administration\" href=\"admin.php\">Go to administration page -></a>
			     </span>
			  </p>";		
		}
	?>
</div>
</body>
</html>